Paper 2020/1575

(In)security of the Radio Interface in Sigfox

Loïc Ferreira


Sigfox is a popular communication and security protocol which allows setting up low-power wide-area networks for the Internet of Things. Currently, Sigfox networks operate in 72 countries, and cover 1.3 billion people. In this paper, we make an extensive analysis of the security mechanisms used to protect the radio interface. We describe news attacks against data authenticity, which is the only mandatory security property in Sigfox. Namely we describe how to replay frames, and how to compute forgeries. In addition, we highlight a flaw in the (optional) data encryption procedure. Our attacks do not exploit implementation or hardware bugs, nor do they imply a physical access to any equipment (e.g., legitimate end-device). They rely only on the peculiarities of the Sigfox security protocol. Our analysis is supported by practical experiments made in interaction with the Sigfox back-end network. These experiments validate our findings. Finally, we present efficient counter-measures which are likely straightforward to implement.

Available format(s)
Cryptographic protocols
Publication info
Published elsewhere. Major revision. Financial Cryptography 2021
SigfoxSecurity protocolInternet of ThingsLow-power Wide-area NetworkCryptanalysis
Contact author(s)
loic ferreira @ orange com
2020-12-21: received
Short URL
Creative Commons Attribution


      author = {Loïc Ferreira},
      title = {(In)security of the Radio Interface in Sigfox},
      howpublished = {Cryptology ePrint Archive, Paper 2020/1575},
      year = {2020},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.